Initial support for Certificate Policies extension: print out works but setting
isn't fully implemented (yet).
This commit is contained in:
Dr. Stephen Henson
parent
8de421b6d9
commit
41b731f2f8
13 changed files with 679 additions and 31 deletions
5
CHANGES
5
CHANGES
|
|
@ -5,6 +5,11 @@
|
|||
|
||||
Changes between 0.9.2b and 0.9.3
|
||||
|
||||
*) Initial support for Certificate Policies extension: print works but
|
||||
setting doesn't work fully (yet). Also various additions to support
|
||||
the r2i method this extension will use.
|
||||
[Steve Henson]
|
||||
|
||||
*) A lot of constification, and fix a bug in X509_NAME_oneline() that could
|
||||
return a const string when you are expecting an allocated buffer.
|
||||
[Ben Laurie]
|
||||
|
|
|
|||
10
apps/ca.c
10
apps/ca.c
|
|
@ -712,7 +712,10 @@ bad:
|
|||
extensions=CONF_get_string(conf,section,ENV_EXTENSIONS);
|
||||
if(extensions) {
|
||||
/* Check syntax of file */
|
||||
if(!X509V3_EXT_check_conf(conf, extensions)) {
|
||||
X509V3_CTX ctx;
|
||||
X509V3_set_ctx_test(&ctx);
|
||||
X509V3_set_conf_lhash(&ctx, conf);
|
||||
if(!X509V3_EXT_add_conf(conf, &ctx, extensions, NULL)) {
|
||||
BIO_printf(bio_err,
|
||||
"Error Loading extension section %s\n",
|
||||
extensions);
|
||||
|
|
@ -984,7 +987,10 @@ bad:
|
|||
crl_ext=CONF_get_string(conf,section,ENV_CRLEXT);
|
||||
if(crl_ext) {
|
||||
/* Check syntax of file */
|
||||
if(!X509V3_EXT_check_conf(conf, crl_ext)) {
|
||||
X509V3_CTX ctx;
|
||||
X509V3_set_ctx_test(&ctx);
|
||||
X509V3_set_conf_lhash(&ctx, conf);
|
||||
if(!X509V3_EXT_add_conf(conf, &ctx, crl_ext, NULL)) {
|
||||
BIO_printf(bio_err,
|
||||
"Error Loading CRL extension section %s\n",
|
||||
crl_ext);
|
||||
|
|
|
|||
|
|
@ -438,7 +438,10 @@ bad:
|
|||
extensions = CONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
|
||||
if(extensions) {
|
||||
/* Check syntax of file */
|
||||
if(!X509V3_EXT_check_conf(req_conf, extensions)) {
|
||||
X509V3_CTX ctx;
|
||||
X509V3_set_ctx_test(&ctx);
|
||||
X509V3_set_conf_lhash(&ctx, req_conf);
|
||||
if(!X509V3_EXT_add_conf(req_conf, &ctx, extensions, NULL)) {
|
||||
BIO_printf(bio_err,
|
||||
"Error Loading extension section %s\n", extensions);
|
||||
goto end;
|
||||
|
|
|
|||
|
|
@ -67,6 +67,7 @@
|
|||
#define ASN1_F_D2I_NETSCAPE_RSA_2 142
|
||||
#define ASN1_F_D2I_NETSCAPE_SPKAC 143
|
||||
#define ASN1_F_D2I_NETSCAPE_SPKI 144
|
||||
#define ASN1_F_D2I_NOTICEREF 268
|
||||
#define ASN1_F_D2I_PBE2PARAM 262
|
||||
#define ASN1_F_D2I_PBEPARAM 249
|
||||
#define ASN1_F_D2I_PBKDF2PARAM 263
|
||||
|
|
@ -86,12 +87,15 @@
|
|||
#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
|
||||
#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250
|
||||
#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239
|
||||
#define ASN1_F_D2I_POLICYINFO 269
|
||||
#define ASN1_F_D2I_POLICYQUALINFO 270
|
||||
#define ASN1_F_D2I_PRIVATEKEY 155
|
||||
#define ASN1_F_D2I_PUBLICKEY 156
|
||||
#define ASN1_F_D2I_RSAPRIVATEKEY 157
|
||||
#define ASN1_F_D2I_RSAPUBLICKEY 158
|
||||
#define ASN1_F_D2I_SXNET 241
|
||||
#define ASN1_F_D2I_SXNETID 243
|
||||
#define ASN1_F_D2I_USERNOTICE 271
|
||||
#define ASN1_F_D2I_X509 159
|
||||
#define ASN1_F_D2I_X509_ALGOR 160
|
||||
#define ASN1_F_D2I_X509_ATTRIBUTE 161
|
||||
|
|
@ -128,6 +132,7 @@
|
|||
#define ASN1_F_NETSCAPE_PKEY_NEW 189
|
||||
#define ASN1_F_NETSCAPE_SPKAC_NEW 190
|
||||
#define ASN1_F_NETSCAPE_SPKI_NEW 191
|
||||
#define ASN1_F_NOTICEREF_NEW 272
|
||||
#define ASN1_F_PBE2PARAM_NEW 264
|
||||
#define ASN1_F_PBEPARAM_NEW 251
|
||||
#define ASN1_F_PBKDF2PARAM_NEW 265
|
||||
|
|
@ -147,8 +152,11 @@
|
|||
#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
|
||||
#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252
|
||||
#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
|
||||
#define ASN1_F_POLICYINFO_NEW 273
|
||||
#define ASN1_F_POLICYQUALINFO_NEW 274
|
||||
#define ASN1_F_SXNETID_NEW 244
|
||||
#define ASN1_F_SXNET_NEW 242
|
||||
#define ASN1_F_USERNOTICE_NEW 275
|
||||
#define ASN1_F_X509_ALGOR_NEW 202
|
||||
#define ASN1_F_X509_ATTRIBUTE_NEW 203
|
||||
#define ASN1_F_X509_CINF_NEW 204
|
||||
|
|
|
|||
|
|
@ -874,6 +874,7 @@ ASN1_STRING *ASN1_pack_string();
|
|||
#define ASN1_F_D2I_NETSCAPE_RSA_2 142
|
||||
#define ASN1_F_D2I_NETSCAPE_SPKAC 143
|
||||
#define ASN1_F_D2I_NETSCAPE_SPKI 144
|
||||
#define ASN1_F_D2I_NOTICEREF 268
|
||||
#define ASN1_F_D2I_PBE2PARAM 262
|
||||
#define ASN1_F_D2I_PBEPARAM 249
|
||||
#define ASN1_F_D2I_PBKDF2PARAM 263
|
||||
|
|
@ -893,12 +894,15 @@ ASN1_STRING *ASN1_pack_string();
|
|||
#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
|
||||
#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250
|
||||
#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239
|
||||
#define ASN1_F_D2I_POLICYINFO 269
|
||||
#define ASN1_F_D2I_POLICYQUALINFO 270
|
||||
#define ASN1_F_D2I_PRIVATEKEY 155
|
||||
#define ASN1_F_D2I_PUBLICKEY 156
|
||||
#define ASN1_F_D2I_RSAPRIVATEKEY 157
|
||||
#define ASN1_F_D2I_RSAPUBLICKEY 158
|
||||
#define ASN1_F_D2I_SXNET 241
|
||||
#define ASN1_F_D2I_SXNETID 243
|
||||
#define ASN1_F_D2I_USERNOTICE 271
|
||||
#define ASN1_F_D2I_X509 159
|
||||
#define ASN1_F_D2I_X509_ALGOR 160
|
||||
#define ASN1_F_D2I_X509_ATTRIBUTE 161
|
||||
|
|
@ -935,6 +939,7 @@ ASN1_STRING *ASN1_pack_string();
|
|||
#define ASN1_F_NETSCAPE_PKEY_NEW 189
|
||||
#define ASN1_F_NETSCAPE_SPKAC_NEW 190
|
||||
#define ASN1_F_NETSCAPE_SPKI_NEW 191
|
||||
#define ASN1_F_NOTICEREF_NEW 272
|
||||
#define ASN1_F_PBE2PARAM_NEW 264
|
||||
#define ASN1_F_PBEPARAM_NEW 251
|
||||
#define ASN1_F_PBKDF2PARAM_NEW 265
|
||||
|
|
@ -954,8 +959,11 @@ ASN1_STRING *ASN1_pack_string();
|
|||
#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
|
||||
#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252
|
||||
#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
|
||||
#define ASN1_F_POLICYINFO_NEW 273
|
||||
#define ASN1_F_POLICYQUALINFO_NEW 274
|
||||
#define ASN1_F_SXNETID_NEW 244
|
||||
#define ASN1_F_SXNET_NEW 242
|
||||
#define ASN1_F_USERNOTICE_NEW 275
|
||||
#define ASN1_F_X509_ALGOR_NEW 202
|
||||
#define ASN1_F_X509_ATTRIBUTE_NEW 203
|
||||
#define ASN1_F_X509_CINF_NEW 204
|
||||
|
|
|
|||
|
|
@ -129,6 +129,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
|
|||
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "D2I_NETSCAPE_SPKAC"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "D2I_NETSCAPE_SPKI"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0), "D2I_NOTICEREF"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0), "D2I_PBE2PARAM"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "D2I_PBEPARAM"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "D2I_PBKDF2PARAM"},
|
||||
|
|
@ -148,12 +149,15 @@ static ERR_STRING_DATA ASN1_str_functs[]=
|
|||
{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "D2I_PKCS8_PRIV_KEY_INFO"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0), "D2I_PKEY_USAGE_PERIOD"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0), "D2I_POLICYINFO"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0), "D2I_POLICYQUALINFO"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "D2I_PRIVATEKEY"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "D2I_PUBLICKEY"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "D2I_RSAPRIVATEKEY"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "D2I_RSAPUBLICKEY"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "D2I_SXNET"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "D2I_SXNETID"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0), "D2I_USERNOTICE"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "D2I_X509_ALGOR"},
|
||||
{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "D2I_X509_ATTRIBUTE"},
|
||||
|
|
@ -190,6 +194,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
|
|||
{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0), "NOTICEREF_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0), "PBE2PARAM_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_NEW"},
|
||||
|
|
@ -209,8 +214,11 @@ static ERR_STRING_DATA ASN1_str_functs[]=
|
|||
{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0), "POLICYINFO_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0), "POLICYQUALINFO_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0), "USERNOTICE_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_NEW"},
|
||||
{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"},
|
||||
|
|
|
|||
|
|
@ -24,10 +24,10 @@ APPS=
|
|||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c \
|
||||
v3_lib.c v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c \
|
||||
v3_pku.c v3_int.c v3_enum.c v3_sxnet.c
|
||||
v3_pku.c v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c
|
||||
LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
|
||||
v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
|
||||
v3_int.o v3_enum.o v3_sxnet.o
|
||||
v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
|
|
|
|||
|
|
@ -149,6 +149,12 @@ char *value; /* Value */
|
|||
if(!ext_struc) return NULL;
|
||||
} else if(method->s2i) {
|
||||
if(!(ext_struc = method->s2i(method, ctx, value))) return NULL;
|
||||
} else if(method->r2i) {
|
||||
if(!ctx->db) {
|
||||
X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE);
|
||||
return NULL;
|
||||
}
|
||||
if(!(ext_struc = method->r2i(method, ctx, value))) return NULL;
|
||||
} else {
|
||||
X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
|
||||
ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
|
||||
|
|
@ -287,15 +293,6 @@ X509_CRL *crl;
|
|||
return 1;
|
||||
}
|
||||
|
||||
/* Just check syntax of config file as far as possible */
|
||||
int X509V3_EXT_check_conf(conf, section)
|
||||
LHASH *conf;
|
||||
char *section;
|
||||
{
|
||||
static X509V3_CTX ctx_tst = { CTX_TEST, NULL, NULL, NULL, NULL };
|
||||
return X509V3_EXT_add_conf(conf, &ctx_tst, section, NULL);
|
||||
}
|
||||
|
||||
/* Config database functions */
|
||||
|
||||
char * X509V3_get_string(ctx, name, section)
|
||||
|
|
@ -317,18 +314,20 @@ char *section;
|
|||
return NULL;
|
||||
}
|
||||
|
||||
void X509V3_free_string(ctx, str)
|
||||
void X509V3_string_free(ctx, str)
|
||||
X509V3_CTX *ctx;
|
||||
char *str;
|
||||
{
|
||||
if(!str) return;
|
||||
if(ctx->db_meth->free_string)
|
||||
return ctx->db_meth->free_string(ctx->db, str);
|
||||
}
|
||||
|
||||
void X509V3_free_section(ctx, section)
|
||||
void X509V3_section_free(ctx, section)
|
||||
X509V3_CTX *ctx;
|
||||
STACK *section;
|
||||
{
|
||||
if(!section) return;
|
||||
if(ctx->db_meth->free_section)
|
||||
return ctx->db_meth->free_section(ctx->db, section);
|
||||
}
|
||||
|
|
|
|||
544
crypto/x509v3/v3_cpols.c
Normal file
544
crypto/x509v3/v3_cpols.c
Normal file
|
|
@ -0,0 +1,544 @@
|
|||
/* v3_cpols.c */
|
||||
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
|
||||
* project 1999.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "cryptlib.h"
|
||||
#include "conf.h"
|
||||
#include "asn1.h"
|
||||
#include "asn1_mac.h"
|
||||
#include "x509v3.h"
|
||||
|
||||
/* Certificate policies extension support: this one is a bit complex... */
|
||||
|
||||
static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent);
|
||||
static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value);
|
||||
static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent);
|
||||
static void print_notice(BIO *out, USERNOTICE *notice, int indent);
|
||||
static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK *polstrs);
|
||||
|
||||
X509V3_EXT_METHOD v3_cpols = {
|
||||
NID_certificate_policies, 0,
|
||||
(X509V3_EXT_NEW)CERTIFICATEPOLICIES_new,
|
||||
CERTIFICATEPOLICIES_free,
|
||||
(X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES,
|
||||
i2d_CERTIFICATEPOLICIES,
|
||||
NULL, NULL,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2R)i2r_certpol,
|
||||
(X509V3_EXT_R2I)r2i_certpol,
|
||||
NULL
|
||||
};
|
||||
|
||||
|
||||
/*
|
||||
* ASN1err(ASN1_F_POLICYINFO_NEW,ERR_R_MALLOC_FAILURE);
|
||||
* ASN1err(ASN1_F_D2I_POLICYINFO,ERR_R_MALLOC_FAILURE);
|
||||
* ASN1err(ASN1_F_POLICYQUALINFO_NEW,ERR_R_MALLOC_FAILURE);
|
||||
* ASN1err(ASN1_F_D2I_POLICYQUALINFO,ERR_R_MALLOC_FAILURE);
|
||||
* ASN1err(ASN1_F_USERNOTICE_NEW,ERR_R_MALLOC_FAILURE);
|
||||
* ASN1err(ASN1_F_D2I_USERNOTICE,ERR_R_MALLOC_FAILURE);
|
||||
* ASN1err(ASN1_F_NOTICEREF_NEW,ERR_R_MALLOC_FAILURE);
|
||||
* ASN1err(ASN1_F_D2I_NOTICEREF,ERR_R_MALLOC_FAILURE);
|
||||
*/
|
||||
|
||||
static STACK_OF(POLICYINFO) *r2i_certpol(method, ctx, value)
|
||||
X509V3_EXT_METHOD *method;
|
||||
X509V3_CTX *ctx;
|
||||
char *value;
|
||||
{
|
||||
STACK_OF(POLICYINFO) *pols = NULL;
|
||||
char *pstr;
|
||||
POLICYINFO *pol;
|
||||
ASN1_OBJECT *pobj;
|
||||
STACK *vals;
|
||||
CONF_VALUE *cnf;
|
||||
int i;
|
||||
pols = sk_POLICYINFO_new_null();
|
||||
vals = X509V3_parse_list(value);
|
||||
for(i = 0; i < sk_num(vals); i++) {
|
||||
cnf = (CONF_VALUE *)sk_value(vals, i);
|
||||
if(cnf->value || !cnf->name ) {
|
||||
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER);
|
||||
X509V3_conf_err(cnf);
|
||||
goto err;
|
||||
}
|
||||
pstr = cnf->name;
|
||||
if(*pstr == '@') {
|
||||
STACK *polsect;
|
||||
polsect = X509V3_get_section(ctx, pstr + 1);
|
||||
if(!polsect) {
|
||||
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION);
|
||||
|
||||
X509V3_conf_err(cnf);
|
||||
goto err;
|
||||
}
|
||||
pol = policy_section(ctx, polsect);
|
||||
X509V3_section_free(ctx, polsect);
|
||||
if(!pol) goto err;
|
||||
} else {
|
||||
if(!(pobj = OBJ_txt2obj(cnf->name, 0))) {
|
||||
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
||||
X509V3_conf_err(cnf);
|
||||
goto err;
|
||||
}
|
||||
pol = POLICYINFO_new();
|
||||
pol->policyid = pobj;
|
||||
}
|
||||
sk_POLICYINFO_push(pols, pol);
|
||||
}
|
||||
sk_pop_free(vals, X509V3_conf_free);
|
||||
return pols;
|
||||
err:
|
||||
sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static POLICYINFO *policy_section(ctx, polstrs)
|
||||
X509V3_CTX *ctx;
|
||||
STACK *polstrs;
|
||||
{
|
||||
int i;
|
||||
CONF_VALUE *cnf;
|
||||
for(i = 0; i < sk_num(polstrs); i++) {
|
||||
cnf = (CONF_VALUE *)sk_value(polstrs, i);
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
static int i2r_certpol(method, pol, out, indent)
|
||||
X509V3_EXT_METHOD *method;
|
||||
STACK_OF(POLICYINFO) *pol;
|
||||
BIO *out;
|
||||
int indent;
|
||||
{
|
||||
int i;
|
||||
POLICYINFO *pinfo;
|
||||
/* First print out the policy OIDs */
|
||||
for(i = 0; i < sk_POLICYINFO_num(pol); i++) {
|
||||
pinfo = sk_POLICYINFO_value(pol, i);
|
||||
BIO_printf(out, "%*sPolicy: ", indent, "");
|
||||
i2a_ASN1_OBJECT(out, pinfo->policyid);
|
||||
BIO_puts(out, "\n");
|
||||
if(pinfo->qualifiers)
|
||||
print_qualifiers(out, pinfo->qualifiers, indent + 2);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
int i2d_CERTIFICATEPOLICIES(a, pp)
|
||||
STACK_OF(POLICYINFO) *a;
|
||||
unsigned char **pp;
|
||||
{
|
||||
|
||||
return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE,
|
||||
V_ASN1_UNIVERSAL, IS_SEQUENCE);}
|
||||
|
||||
STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new()
|
||||
{
|
||||
return sk_POLICYINFO_new_null();
|
||||
}
|
||||
|
||||
void CERTIFICATEPOLICIES_free(a)
|
||||
STACK_OF(POLICYINFO) *a;
|
||||
{
|
||||
sk_POLICYINFO_pop_free(a, POLICYINFO_free);
|
||||
}
|
||||
|
||||
STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(a,pp,length)
|
||||
STACK_OF(POLICYINFO) **a;
|
||||
unsigned char **pp;
|
||||
long length;
|
||||
{
|
||||
return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO,
|
||||
POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
|
||||
|
||||
}
|
||||
|
||||
IMPLEMENT_STACK_OF(POLICYINFO)
|
||||
IMPLEMENT_ASN1_SET_OF(POLICYINFO)
|
||||
|
||||
int i2d_POLICYINFO(a,pp)
|
||||
POLICYINFO *a;
|
||||
unsigned char **pp;
|
||||
{
|
||||
M_ASN1_I2D_vars(a);
|
||||
|
||||
M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT);
|
||||
M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
|
||||
i2d_POLICYQUALINFO);
|
||||
|
||||
M_ASN1_I2D_seq_total();
|
||||
|
||||
M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT);
|
||||
M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
|
||||
i2d_POLICYQUALINFO);
|
||||
|
||||
M_ASN1_I2D_finish();
|
||||
}
|
||||
|
||||
POLICYINFO *POLICYINFO_new()
|
||||
{
|
||||
POLICYINFO *ret=NULL;
|
||||
ASN1_CTX c;
|
||||
M_ASN1_New_Malloc(ret, POLICYINFO);
|
||||
ret->policyid = NULL;
|
||||
ret->qualifiers = NULL;
|
||||
return (ret);
|
||||
M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW);
|
||||
}
|
||||
|
||||
POLICYINFO *d2i_POLICYINFO(a,pp,length)
|
||||
POLICYINFO **a;
|
||||
unsigned char **pp;
|
||||
long length;
|
||||
{
|
||||
M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new);
|
||||
M_ASN1_D2I_Init();
|
||||
M_ASN1_D2I_start_sequence();
|
||||
M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT);
|
||||
if(!M_ASN1_D2I_end_sequence()) {
|
||||
M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers,
|
||||
d2i_POLICYQUALINFO, POLICYQUALINFO_free);
|
||||
}
|
||||
M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO);
|
||||
}
|
||||
|
||||
void POLICYINFO_free(a)
|
||||
POLICYINFO *a;
|
||||
{
|
||||
if (a == NULL) return;
|
||||
ASN1_OBJECT_free(a->policyid);
|
||||
sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free);
|
||||
Free (a);
|
||||
}
|
||||
|
||||
static void print_qualifiers(out, quals, indent)
|
||||
BIO *out;
|
||||
STACK_OF(POLICYQUALINFO) *quals;
|
||||
int indent;
|
||||
{
|
||||
POLICYQUALINFO *qualinfo;
|
||||
int i;
|
||||
for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {
|
||||
qualinfo = sk_POLICYQUALINFO_value(quals, i);
|
||||
switch(OBJ_obj2nid(qualinfo->pqualid))
|
||||
{
|
||||
case NID_id_qt_cps:
|
||||
BIO_printf(out, "%*sCPS: %s\n", indent, "",
|
||||
qualinfo->d.cpsuri->data);
|
||||
break;
|
||||
|
||||
case NID_id_qt_unotice:
|
||||
BIO_printf(out, "%*sUser Notice:\n", indent, "");
|
||||
print_notice(out, qualinfo->d.usernotice, indent + 2);
|
||||
break;
|
||||
|
||||
default:
|
||||
BIO_printf(out, "%*sUnknown Qualifier: ",
|
||||
indent + 2, "");
|
||||
|
||||
i2a_ASN1_OBJECT(out, qualinfo->pqualid);
|
||||
BIO_puts(out, "\n");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static void print_notice(out, notice, indent)
|
||||
BIO *out;
|
||||
USERNOTICE *notice;
|
||||
int indent;
|
||||
{
|
||||
int i;
|
||||
if(notice->noticeref) {
|
||||
NOTICEREF *ref;
|
||||
ref = notice->noticeref;
|
||||
BIO_printf(out, "%*sOrganization: %s\n", indent, "",
|
||||
ref->organization->data);
|
||||
BIO_printf(out, "%*sNumber%s: ", indent, "",
|
||||
(sk_num(ref->noticenos) > 1) ? "s" : "");
|
||||
for(i = 0; i < sk_num(ref->noticenos); i++) {
|
||||
ASN1_INTEGER *num;
|
||||
char *tmp;
|
||||
num = (ASN1_INTEGER *)sk_value(ref->noticenos, i);
|
||||
if(i) BIO_puts(out, ", ");
|
||||
tmp = i2s_ASN1_INTEGER(NULL, num);
|
||||
BIO_puts(out, tmp);
|
||||
Free(tmp);
|
||||
}
|
||||
BIO_puts(out, "\n");
|
||||
}
|
||||
if(notice->exptext)
|
||||
BIO_printf(out, "%*sNotice Reference: %s\n", indent, "",
|
||||
notice->exptext->data);
|
||||
}
|
||||
|
||||
|
||||
|
||||
int i2d_POLICYQUALINFO(a,pp)
|
||||
POLICYQUALINFO *a;
|
||||
unsigned char **pp;
|
||||
{
|
||||
M_ASN1_I2D_vars(a);
|
||||
|
||||
M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT);
|
||||
switch(OBJ_obj2nid(a->pqualid)) {
|
||||
case NID_id_qt_cps:
|
||||
M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING);
|
||||
break;
|
||||
|
||||
case NID_id_qt_unotice:
|
||||
M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE);
|
||||
break;
|
||||
|
||||
default:
|
||||
M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE);
|
||||
break;
|
||||
}
|
||||
|
||||
M_ASN1_I2D_seq_total();
|
||||
|
||||
M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT);
|
||||
switch(OBJ_obj2nid(a->pqualid)) {
|
||||
case NID_id_qt_cps:
|
||||
M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING);
|
||||
break;
|
||||
|
||||
case NID_id_qt_unotice:
|
||||
M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE);
|
||||
break;
|
||||
|
||||
default:
|
||||
M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE);
|
||||
break;
|
||||
}
|
||||
|
||||
M_ASN1_I2D_finish();
|
||||
}
|
||||
|
||||
POLICYQUALINFO *POLICYQUALINFO_new()
|
||||
{
|
||||
POLICYQUALINFO *ret=NULL;
|
||||
ASN1_CTX c;
|
||||
M_ASN1_New_Malloc(ret, POLICYQUALINFO);
|
||||
ret->pqualid = NULL;
|
||||
ret->d.other = NULL;
|
||||
return (ret);
|
||||
M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW);
|
||||
}
|
||||
|
||||
POLICYQUALINFO *d2i_POLICYQUALINFO(a,pp,length)
|
||||
POLICYQUALINFO **a;
|
||||
unsigned char **pp;
|
||||
long length;
|
||||
{
|
||||
M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new);
|
||||
M_ASN1_D2I_Init();
|
||||
M_ASN1_D2I_start_sequence();
|
||||
M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT);
|
||||
switch(OBJ_obj2nid(ret->pqualid)) {
|
||||
case NID_id_qt_cps:
|
||||
M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING);
|
||||
break;
|
||||
|
||||
case NID_id_qt_unotice:
|
||||
M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE);
|
||||
break;
|
||||
|
||||
default:
|
||||
M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE);
|
||||
break;
|
||||
}
|
||||
M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO);
|
||||
}
|
||||
|
||||
void POLICYQUALINFO_free(a)
|
||||
POLICYQUALINFO *a;
|
||||
{
|
||||
if (a == NULL) return;
|
||||
switch(OBJ_obj2nid(a->pqualid)) {
|
||||
case NID_id_qt_cps:
|
||||
ASN1_IA5STRING_free(a->d.cpsuri);
|
||||
break;
|
||||
|
||||
case NID_id_qt_unotice:
|
||||
USERNOTICE_free(a->d.usernotice);
|
||||
break;
|
||||
|
||||
default:
|
||||
ASN1_TYPE_free(a->d.other);
|
||||
break;
|
||||
}
|
||||
|
||||
ASN1_OBJECT_free(a->pqualid);
|
||||
Free (a);
|
||||
}
|
||||
|
||||
int i2d_USERNOTICE(a,pp)
|
||||
USERNOTICE *a;
|
||||
unsigned char **pp;
|
||||
{
|
||||
M_ASN1_I2D_vars(a);
|
||||
|
||||
M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF);
|
||||
M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT);
|
||||
|
||||
M_ASN1_I2D_seq_total();
|
||||
|
||||
M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF);
|
||||
M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT);
|
||||
|
||||
M_ASN1_I2D_finish();
|
||||
}
|
||||
|
||||
USERNOTICE *USERNOTICE_new()
|
||||
{
|
||||
USERNOTICE *ret=NULL;
|
||||
ASN1_CTX c;
|
||||
M_ASN1_New_Malloc(ret, USERNOTICE);
|
||||
ret->noticeref = NULL;
|
||||
ret->exptext = NULL;
|
||||
return (ret);
|
||||
M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW);
|
||||
}
|
||||
|
||||
USERNOTICE *d2i_USERNOTICE(a,pp,length)
|
||||
USERNOTICE **a;
|
||||
unsigned char **pp;
|
||||
long length;
|
||||
{
|
||||
M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new);
|
||||
M_ASN1_D2I_Init();
|
||||
M_ASN1_D2I_start_sequence();
|
||||
M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE);
|
||||
if (!M_ASN1_D2I_end_sequence()) {
|
||||
M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT);
|
||||
}
|
||||
M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE);
|
||||
}
|
||||
|
||||
void USERNOTICE_free(a)
|
||||
USERNOTICE *a;
|
||||
{
|
||||
if (a == NULL) return;
|
||||
NOTICEREF_free(a->noticeref);
|
||||
DISPLAYTEXT_free(a->exptext);
|
||||
Free (a);
|
||||
}
|
||||
|
||||
int i2d_NOTICEREF(a,pp)
|
||||
NOTICEREF *a;
|
||||
unsigned char **pp;
|
||||
{
|
||||
M_ASN1_I2D_vars(a);
|
||||
|
||||
M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT);
|
||||
M_ASN1_I2D_len_SEQUENCE(a->noticenos, i2d_ASN1_INTEGER);
|
||||
|
||||
M_ASN1_I2D_seq_total();
|
||||
|
||||
M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT);
|
||||
M_ASN1_I2D_put_SEQUENCE(a->noticenos, i2d_ASN1_INTEGER);
|
||||
|
||||
M_ASN1_I2D_finish();
|
||||
}
|
||||
|
||||
NOTICEREF *NOTICEREF_new()
|
||||
{
|
||||
NOTICEREF *ret=NULL;
|
||||
ASN1_CTX c;
|
||||
M_ASN1_New_Malloc(ret, NOTICEREF);
|
||||
ret->organization = NULL;
|
||||
ret->noticenos = NULL;
|
||||
return (ret);
|
||||
M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW);
|
||||
}
|
||||
|
||||
NOTICEREF *d2i_NOTICEREF(a,pp,length)
|
||||
NOTICEREF **a;
|
||||
unsigned char **pp;
|
||||
long length;
|
||||
{
|
||||
M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new);
|
||||
M_ASN1_D2I_Init();
|
||||
M_ASN1_D2I_start_sequence();
|
||||
/* This is to cope with some broken encodings that use IA5STRING for
|
||||
* the organization field
|
||||
*/
|
||||
M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING,
|
||||
V_ASN1_IA5STRING);
|
||||
if(!ret->organization) {
|
||||
M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT);
|
||||
}
|
||||
M_ASN1_D2I_get_seq(ret->noticenos, d2i_ASN1_INTEGER, ASN1_STRING_free);
|
||||
M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF);
|
||||
}
|
||||
|
||||
void NOTICEREF_free(a)
|
||||
NOTICEREF *a;
|
||||
{
|
||||
if (a == NULL) return;
|
||||
DISPLAYTEXT_free(a->organization);
|
||||
sk_pop_free(a->noticenos, ASN1_STRING_free);
|
||||
Free (a);
|
||||
}
|
||||
|
||||
IMPLEMENT_STACK_OF(POLICYQUALINFO)
|
||||
IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO)
|
||||
|
|
@ -149,7 +149,7 @@ extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
|
|||
extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet;
|
||||
extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
|
||||
|
||||
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason;
|
||||
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols;
|
||||
|
||||
int X509V3_add_standard_extensions()
|
||||
{
|
||||
|
|
@ -165,6 +165,7 @@ int X509V3_add_standard_extensions()
|
|||
X509V3_EXT_add(&v3_crl_num);
|
||||
X509V3_EXT_add(&v3_sxnet);
|
||||
X509V3_EXT_add(&v3_crl_reason);
|
||||
X509V3_EXT_add(&v3_cpols);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -69,6 +69,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
|
|||
{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"},
|
||||
{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"},
|
||||
{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"},
|
||||
{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"},
|
||||
{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"},
|
||||
{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"},
|
||||
{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"},
|
||||
|
|
@ -87,12 +88,12 @@ static ERR_STRING_DATA X509V3_str_functs[]=
|
|||
{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0), "v2i_GENERAL_NAME"},
|
||||
{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0), "v2i_GENERAL_NAMES"},
|
||||
{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0), "V3_GENERIC_EXTENSION"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0), "X509V3_add_value"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"},
|
||||
{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"},
|
||||
{0,NULL},
|
||||
};
|
||||
|
||||
|
|
@ -117,8 +118,11 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
|
|||
{X509V3_R_INVALID_NULL_NAME ,"invalid null name"},
|
||||
{X509V3_R_INVALID_NULL_VALUE ,"invalid null value"},
|
||||
{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"},
|
||||
{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"},
|
||||
{X509V3_R_INVALID_SECTION ,"invalid section"},
|
||||
{X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"},
|
||||
{X509V3_R_MISSING_VALUE ,"missing value"},
|
||||
{X509V3_R_NO_CONFIG_DATABASE ,"no config database"},
|
||||
{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"},
|
||||
{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"},
|
||||
{X509V3_R_NO_PUBLIC_KEY ,"no public key"},
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@
|
|||
#define X509V3_F_HEX_TO_STRING 111
|
||||
#define X509V3_F_I2S_ASN1_ENUMERATED 121
|
||||
#define X509V3_F_I2S_ASN1_INTEGER 120
|
||||
#define X509V3_F_R2I_CERTPOL 130
|
||||
#define X509V3_F_S2I_ASN1_IA5STRING 100
|
||||
#define X509V3_F_S2I_ASN1_INTEGER 108
|
||||
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
|
||||
|
|
@ -25,12 +26,12 @@
|
|||
#define X509V3_F_V2I_GENERAL_NAME 117
|
||||
#define X509V3_F_V2I_GENERAL_NAMES 118
|
||||
#define X509V3_F_V3_GENERIC_EXTENSION 116
|
||||
#define X509V3_F_X509V3_EXT_ADD 104
|
||||
#define X509V3_F_X509V3_ADD_VALUE 105
|
||||
#define X509V3_F_X509V3_EXT_ADD 104
|
||||
#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
|
||||
#define X509V3_F_X509V3_EXT_CONF 107
|
||||
#define X509V3_F_X509V3_PARSE_LIST 109
|
||||
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
|
||||
#define X509V3_F_X509V3_PARSE_LIST 109
|
||||
|
||||
/* Reason codes. */
|
||||
#define X509V3_R_BAD_IP_ADDRESS 118
|
||||
|
|
@ -52,8 +53,11 @@
|
|||
#define X509V3_R_INVALID_NULL_NAME 108
|
||||
#define X509V3_R_INVALID_NULL_VALUE 109
|
||||
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
|
||||
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
|
||||
#define X509V3_R_INVALID_SECTION 135
|
||||
#define X509V3_R_ISSUER_DECODE_ERROR 126
|
||||
#define X509V3_R_MISSING_VALUE 124
|
||||
#define X509V3_R_NO_CONFIG_DATABASE 136
|
||||
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
|
||||
#define X509V3_R_NO_ISSUER_DETAILS 127
|
||||
#define X509V3_R_NO_PUBLIC_KEY 114
|
||||
|
|
|
|||
|
|
@ -203,7 +203,7 @@ typedef struct NOTICEREF_st {
|
|||
} NOTICEREF;
|
||||
|
||||
typedef struct USERNOTICE_st {
|
||||
NOTICEREF *notref;
|
||||
NOTICEREF *noticeref;
|
||||
ASN1_STRING *exptext;
|
||||
} USERNOTICE;
|
||||
|
||||
|
|
@ -217,10 +217,11 @@ typedef struct POLICYQUALINFO_st {
|
|||
} POLICYQUALINFO;
|
||||
|
||||
DECLARE_STACK_OF(POLICYQUALINFO)
|
||||
DECLARE_ASN1_SET_OF(POLICYQUALINFO)
|
||||
|
||||
typedef struct POLICYINFO_st {
|
||||
ASN1_OBJECT *policyid;
|
||||
STACK_OF(POLICYQUALINFO) qualifiers;
|
||||
STACK_OF(POLICYQUALINFO) *qualifiers;
|
||||
} POLICYINFO;
|
||||
|
||||
DECLARE_STACK_OF(POLICYINFO);
|
||||
|
|
@ -229,6 +230,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO);
|
|||
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
|
||||
",name:", val->name, ",value:", val->value);
|
||||
|
||||
#define X509V3_set_ctx_test(ctx) \
|
||||
X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
|
||||
#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
|
||||
|
||||
#define EXT_BITSTRING(nid, table) { nid, 0, \
|
||||
(X509V3_EXT_NEW)asn1_bit_string_new, ASN1_STRING_free, \
|
||||
(X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
|
||||
|
|
@ -308,6 +313,32 @@ STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length);
|
|||
void ext_ku_free(STACK *a);
|
||||
STACK *ext_ku_new(void);
|
||||
|
||||
int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
|
||||
STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);
|
||||
void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a);
|
||||
STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length);
|
||||
|
||||
int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp);
|
||||
POLICYINFO *POLICYINFO_new(void);
|
||||
POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length);
|
||||
void POLICYINFO_free(POLICYINFO *a);
|
||||
|
||||
int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp);
|
||||
POLICYQUALINFO *POLICYQUALINFO_new(void);
|
||||
POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
|
||||
long length);
|
||||
void POLICYQUALINFO_free(POLICYQUALINFO *a);
|
||||
|
||||
int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp);
|
||||
USERNOTICE *USERNOTICE_new(void);
|
||||
USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length);
|
||||
void USERNOTICE_free(USERNOTICE *a);
|
||||
|
||||
int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp);
|
||||
NOTICEREF *NOTICEREF_new(void);
|
||||
NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length);
|
||||
void NOTICEREF_free(NOTICEREF *a);
|
||||
|
||||
#ifdef HEADER_CONF_H
|
||||
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
|
||||
void X509V3_conf_free(CONF_VALUE *val);
|
||||
|
|
@ -315,7 +346,6 @@ X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, c
|
|||
X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
|
||||
int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
|
||||
int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
|
||||
int X509V3_EXT_check_conf(LHASH *conf, char *section);
|
||||
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
|
||||
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
|
||||
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
|
||||
|
|
@ -323,8 +353,8 @@ void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
|
|||
|
||||
char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
|
||||
STACK * X509V3_get_section(X509V3_CTX *ctx, char *section);
|
||||
void X509V3_free_string(X509V3_CTX *ctx, char *str);
|
||||
void X509V3_free_section( X509V3_CTX *ctx, STACK *section);
|
||||
void X509V3_string_free(X509V3_CTX *ctx, char *str);
|
||||
void X509V3_section_free( X509V3_CTX *ctx, STACK *section);
|
||||
void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
|
||||
X509_REQ *req, X509_CRL *crl, int flags);
|
||||
|
||||
|
|
@ -413,16 +443,40 @@ void X509V3_conf_free();
|
|||
X509_EXTENSION *X509V3_EXT_conf_nid();
|
||||
X509_EXTENSION *X509V3_EXT_conf();
|
||||
int X509V3_EXT_add_conf();
|
||||
int X509V3_EXT_check_conf();
|
||||
int X509V3_get_value_bool();
|
||||
int X509V3_get_value_int();
|
||||
void X509V3_set_conf_lhash();
|
||||
#endif
|
||||
|
||||
int i2d_CERTIFICATEPOLICIES();
|
||||
STACK *CERTIFICATEPOLICIES_new();
|
||||
void CERTIFICATEPOLICIES_free();
|
||||
STACK *d2i_CERTIFICATEPOLICIES();
|
||||
|
||||
int i2d_POLICYINFO();
|
||||
POLICYINFO *POLICYINFO_new();
|
||||
POLICYINFO *d2i_POLICYINFO();
|
||||
void POLICYINFO_free();
|
||||
|
||||
int i2d_POLICYQUALINFO();
|
||||
POLICYQUALINFO *POLICYQUALINFO_new();
|
||||
POLICYQUALINFO *d2i_POLICYQUALINFO();
|
||||
void POLICYQUALINFO_free();
|
||||
|
||||
int i2d_USERNOTICE();
|
||||
USERNOTICE *USERNOTICE_new();
|
||||
USERNOTICE *d2i_USERNOTICE();
|
||||
void USERNOTICE_free();
|
||||
|
||||
int i2d_NOTICEREF();
|
||||
NOTICEREF *NOTICEREF_new();
|
||||
NOTICEREF *d2i_NOTICEREF();
|
||||
void NOTICEREF_free();
|
||||
|
||||
char * X509V3_get_string();
|
||||
STACK * X509V3_get_section();
|
||||
void X509V3_free_string();
|
||||
void X509V3_free_section();
|
||||
void X509V3_string_free();
|
||||
void X509V3_section_free();
|
||||
void X509V3_set_ctx();
|
||||
|
||||
int X509V3_add_value();
|
||||
|
|
@ -461,6 +515,7 @@ int X509V3_EXT_print_fp();
|
|||
#define X509V3_F_HEX_TO_STRING 111
|
||||
#define X509V3_F_I2S_ASN1_ENUMERATED 121
|
||||
#define X509V3_F_I2S_ASN1_INTEGER 120
|
||||
#define X509V3_F_R2I_CERTPOL 130
|
||||
#define X509V3_F_S2I_ASN1_IA5STRING 100
|
||||
#define X509V3_F_S2I_ASN1_INTEGER 108
|
||||
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
|
||||
|
|
@ -479,12 +534,12 @@ int X509V3_EXT_print_fp();
|
|||
#define X509V3_F_V2I_GENERAL_NAME 117
|
||||
#define X509V3_F_V2I_GENERAL_NAMES 118
|
||||
#define X509V3_F_V3_GENERIC_EXTENSION 116
|
||||
#define X509V3_F_X509V3_EXT_ADD 104
|
||||
#define X509V3_F_X509V3_ADD_VALUE 105
|
||||
#define X509V3_F_X509V3_EXT_ADD 104
|
||||
#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
|
||||
#define X509V3_F_X509V3_EXT_CONF 107
|
||||
#define X509V3_F_X509V3_PARSE_LIST 109
|
||||
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
|
||||
#define X509V3_F_X509V3_PARSE_LIST 109
|
||||
|
||||
/* Reason codes. */
|
||||
#define X509V3_R_BAD_IP_ADDRESS 118
|
||||
|
|
@ -506,8 +561,11 @@ int X509V3_EXT_print_fp();
|
|||
#define X509V3_R_INVALID_NULL_NAME 108
|
||||
#define X509V3_R_INVALID_NULL_VALUE 109
|
||||
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
|
||||
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
|
||||
#define X509V3_R_INVALID_SECTION 135
|
||||
#define X509V3_R_ISSUER_DECODE_ERROR 126
|
||||
#define X509V3_R_MISSING_VALUE 124
|
||||
#define X509V3_R_NO_CONFIG_DATABASE 136
|
||||
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
|
||||
#define X509V3_R_NO_ISSUER_DETAILS 127
|
||||
#define X509V3_R_NO_PUBLIC_KEY 114
|
||||
|
|
|
|||
Loading…
Reference in a new issue